When I run tcmdump on the bastion, I see that it tries to connect to the windows host but does not get any response. When I try to directly connect to the windows machine using psrp it works just fine.
On Thu, Sep 13, 2018 at 10:38 AM, Gil Shinar <[email protected]> wrote: > Actually the error is a bit different: > *ConnectTimeout: SOCKSHTTPConnectionPool(host='<windows host IP>', > port=5985): Max retries exceeded with url: /wsman (Caused by > ConnectTimeoutError(<urllib3.contrib.socks.SOCKSConnection object at > 0x7f2a7d269450>, 'Connection to <windows host IP> timed out. (connect > timeout=30)'))* > > On Thu, Sep 13, 2018 at 10:27 AM, Gil Shinar <[email protected]> wrote: > >> Hi Jordan, >> >> First thanks a lot for the detailed description! >> I have tried the sock example but for some reason it does not work for me. >> I configured the inventory as you have suggested (changed user and pass), >> installed socks package (had some issues with pip but made it work with >> system pip), in a different terminal connected to my bastion (had to use -i >> <path to pem>) and run the ansible command. Not sure were it fails: >> *ConnectionError: SOCKSHTTPConnectionPool(host='<windows host IP>', >> port=5985): Max retries exceeded with url: /wsman (Caused by >> NewConnectionError('<urllib3.contrib.socks.SOCKSConnection object at >> 0x7f494a320450>: Failed to establish a new connection: [Errno 111] >> Connection refused',))* >> >> Any help would be appreciated >> >> Thanks >> Gil >> >> On Wednesday, September 12, 2018 at 7:06:35 PM UTC+3, Gil Shinar wrote: >>> >>> I have installed ansible 2.7 rc1 because I need a way to install stuff >>> on a windows machine via Linux server as a tunnel. >>> After reading and trial and error, I have realized that it cannot be >>> done using WinRM but only using psrp with ansible 2.7. >>> I'm not sure what should be configured in the ansible_psrp_proxy parameter >>> and how can ansible know that the tunnel is server is a Linux one that >>> needs to connect using ssh. >>> I have tried to configure the ansible.cfg to read a ssh.cfg file with >>> the following content: >>> Host <windows machine IP> >>> ProxyCommand ssh -W %h:%p ec2-user@<Linux server IP> >>> IdentityFile <path to pem file> >>> >>> Host bastion >>> Hostname <Linux server IP> >>> User ec2-user >>> IdentityFile <path to pem file> >>> ForwardAgent yes >>> ControlMaster auto >>> ControlPath ~/.ssh/ansible-%r@%h:%p >>> ControlPersist 5m >>> >>> Error message looks like that: >>> ConnectTimeout: HTTPSConnectionPool(host='<windows machine IP>', >>> port=5986): Max retries exceeded with url: /wsman (Caused by >>> ConnectTimeoutError(<urllib3.connection.VerifiedHTTPSConnection object >>> at 0x7fb8ed6901d0>, u'Connection to <Linux server IP> timed out. (connect >>> timeout=30)')) >>> >>> 54.227.79.55 | FAILED! => { >>> "msg": "Unexpected failure during module execution.", >>> "stdout": "" >>> } >>> >>> Don't know which protocol it uses to connect to the Linux server but I >>> assume it is not ssh. >>> >>> Thanks >>> Gil >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "Ansible Project" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To post to this group, send email to [email protected]. >> To view this discussion on the web visit https://groups.google.com/d/ms >> gid/ansible-project/a5304441-a7cc-49df-be28-e5c6abc03d66% >> 40googlegroups.com >> <https://groups.google.com/d/msgid/ansible-project/a5304441-a7cc-49df-be28-e5c6abc03d66%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> >> For more options, visit https://groups.google.com/d/optout. >> > > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAPt4afdY14%2BEh49MTo18COdA0Li3uAGXOQWoHoiQFavBTO_h1Q%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
